offers.generationvip.com
Open in
urlscan Pro
2.20.132.146
Public Scan
Submitted URL: http://anonymous-net.com/
Effective URL: https://offers.generationvip.com/DE/Welcome200/?afi=28290&ar=20_&mmi=71370&par=5016dCKTg0iqnYV1ZZhD7pWFPLT4r24&gclid=5e7e2f4c6cce...
Submission: On March 27 via manual from GB
Effective URL: https://offers.generationvip.com/DE/Welcome200/?afi=28290&ar=20_&mmi=71370&par=5016dCKTg0iqnYV1ZZhD7pWFPLT4r24&gclid=5e7e2f4c6cce...
Submission: On March 27 via manual from GB
Summary
This website contacted 22 IPs
in 8 countries
across 20 domains to perform 37 HTTP transactions.
The main IP is 2.20.132.146, located in
Ascension Island and
belongs to AKAMAI-ASN1, US.
The main domain is offers.generationvip.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 17th 2019. Valid for: 2 years.
This is the only time offers.generationvip.com was scanned on urlscan.io!
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 17th 2019. Valid for: 2 years.
This is the only time offers.generationvip.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
2
173.192.101.24
(Dallas, United States)
ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
| beta.infopicked.com |
2
52.210.34.44
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-34-44.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-34-44.eu-west-1.compute.amazonaws.com
| traffic.focuusing.com |
2
2.20.132.146
(Ascension Island)
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-20-132-146.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-20-132-146.deploy.static.akamaitechnologies.com
| offers.generationvip.com | |
| fnc.aspireglobal.com |
2
2a02:26f0:6c00:192::11a6
(Ascension Island)
ASN20940 (AKAMAI-ASN1, US)
ASN20940 (AKAMAI-ASN1, US)
| s.go-mpulse.net | |
| 684dd30a.akstat.io |
1
2a00:1450:4001:81d::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
6
130.211.115.4
(Mountain View, United States)
ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com
| data.ad-score.com |
1
143.204.179.106
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-179-106.lhr50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-179-106.lhr50.r.cloudfront.net
| dnn506yrbagrg.cloudfront.net |
1
2a00:1450:4001:817::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
13.35.193.84
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-35-193-84.lhr62.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-35-193-84.lhr62.r.cloudfront.net
| 61676801.adoric-om.com |
1
52.216.228.43
(Ashburn, United States)
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
| s3.amazonaws.com |
2
35.174.117.232
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-117-232.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-117-232.compute-1.amazonaws.com
| app.adoric-om.com |
| Domain | Requested by | |
|---|---|---|
| 7 | download.gamesrv1.com |
offers.generationvip.com
|
| 6 | data.ad-score.com |
js.ad-score.com
offers.generationvip.com |
| 2 | app.adoric-om.com |
61676801.adoric-om.com
|
| 2 | traffic.focuusing.com |
traffic.focuusing.com
|
| 2 | beta.infopicked.com | 2 redirects |
| 1 | 684dd30a.akstat.io |
s.go-mpulse.net
|
| 1 | widget.eu.criteo.com |
static.criteo.net
|
| 1 | s3.amazonaws.com |
61676801.adoric-om.com
|
| 1 | sslwidget.criteo.com |
static.criteo.net
|
| 1 | script.crazyegg.com |
dnn506yrbagrg.cloudfront.net
|
| 1 | c.go-mpulse.net |
s.go-mpulse.net
|
| 1 | 61676801.adoric-om.com |
traffic.focuusing.com
|
| 1 | static.criteo.net |
www.googletagmanager.com
|
| 1 | www.google-analytics.com |
www.googletagmanager.com
|
| 1 | dnn506yrbagrg.cloudfront.net |
offers.generationvip.com
|
| 1 | info.generationvip.com |
offers.generationvip.com
|
| 1 | www.googletagmanager.com |
offers.generationvip.com
|
| 1 | s.go-mpulse.net |
offers.generationvip.com
|
| 1 | js.ad-score.com |
offers.generationvip.com
|
| 1 | fnc.aspireglobal.com |
offers.generationvip.com
|
| 1 | ajax.googleapis.com |
offers.generationvip.com
|
| 1 | maxcdn.bootstrapcdn.com |
offers.generationvip.com
|
| 1 | fonts.googleapis.com |
offers.generationvip.com
|
| 1 | offers.generationvip.com |
traffic.focuusing.com
|
| 1 | mobinner.g2afse.com | 1 redirects |
| 1 | anonymous-net.com | 1 redirects |
| 37 | 26 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| de.generationvip.com |
| download.gamesrv1.com |
| secure.gamblingcommission.gov.uk |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.focuusing.com Amazon |
2020-03-19 - 2021-04-19 |
a year | crt.sh |
| *.generationvip.com Sectigo RSA Domain Validation Secure Server CA |
2019-11-17 - 2021-11-16 |
2 years | crt.sh |
| *.storage.googleapis.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
| s3.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA |
2018-12-03 - 2020-07-28 |
2 years | crt.sh |
| *.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2019-09-14 - 2020-10-13 |
a year | crt.sh |
| *.aspireglobal.com Sectigo RSA Domain Validation Secure Server CA |
2019-11-18 - 2021-11-10 |
2 years | crt.sh |
| *.ad-score.com Go Daddy Secure Certificate Authority - G2 |
2019-09-02 - 2020-11-01 |
a year | crt.sh |
| akstat.io DigiCert SHA2 Secure Server CA |
2019-04-16 - 2020-06-14 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
| *.cloudfront.net DigiCert Global CA G2 |
2019-07-17 - 2020-07-05 |
a year | crt.sh |
| *.criteo.net DigiCert ECC Secure Server CA |
2019-12-03 - 2021-04-06 |
a year | crt.sh |
| adoric.com Amazon |
2019-04-17 - 2020-05-17 |
a year | crt.sh |
| ssl945600.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2020-01-28 - 2020-08-05 |
6 months | crt.sh |
| *.criteo.com DigiCert ECC Secure Server CA |
2019-12-05 - 2021-04-08 |
a year | crt.sh |
| s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2019-11-09 - 2020-12-02 |
a year | crt.sh |
| *.eu.criteo.com DigiCert ECC Secure Server CA |
2019-06-12 - 2020-06-16 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://offers.generationvip.com/DE/Welcome200/?afi=28290&ar=20_&mmi=71370&par=5016dCKTg0iqnYV1ZZhD7pWFPLT4r24&gclid=5e7e2f4c6cce810001bd5cd0&popunder=yes
Frame ID: 9346EA18D1DC7970E2800DF52A4B11BE
Requests: 35 HTTP requests in this frame
Frame:
https://s.go-mpulse.net/boomerang/XS7ZD-X747A-FXTVA-RRACK-HEWYK
Frame ID: D35FDDE17E1AFF9F6C3D0C8725A11B8D
Requests: 2 HTTP requests in this frame
Frame:
https://info.generationvip.com/visit.aspx?afi=28290&ar=20_&mmi=71370&par=5016dCKTg0iqnYV1ZZhD7pWFPLT4r24&gclid=5e7e2f4c6cce810001bd5cd0&lpr=Welcome200_DE&lng=GER&gameverticalid=246
Frame ID: 9A2A5AD8441DFD476448527FBA8F9DD2
Requests: 1 HTTP requests in this frame
Frame:
https://widget.eu.criteo.com/dis/dis.aspx?p=27655&cb=60060825312&ref=https%3A%2F%2Ftraffic.focuusing.com%2Fprocess%3Fafi%3D28290%26ar%3D20_%26campaign%3D672646%26destination%3D1424697%26gclid%3D5e7e2f4c6cce810001bd5cd0%26popunder%3Dyes%26tid%3D5016dCKTg0iqnYV1ZZhD7pWFPLT4r24%26traffic_source%3D298729%26crfn%3Dt15016dCKTg0iqnYV1ZZhD7pWFPLT4r24&sc_r=1600x1200&sc_d=24
Frame ID: 54BFE8868E4A08A272744B5EE29D4D52
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://anonymous-net.com/
HTTP 302
https://beta.infopicked.com/aS/feedclick?s=tmxvfbadWlnQGRr_qytWV_RohOIAQNxpExJj-rHjFyofX_SyQNfC5DbqLWcoc... HTTP 302
http://beta.infopicked.com/adServe/domainClick?ai=yfpccR7D_kxUfoRaXE2x2LlxgaGGO9s2edF4zpD2_wYEz4zei11PR... HTTP 302
https://mobinner.g2afse.com/click?pid=20&offer_id=780&sub1=79491815549 HTTP 302
https://traffic.focuusing.com/router?code=DBAFUNV&traffic_source=298729&afi=28290&ar=20_&gclid=5e7e2f4c6cc... Page URL
- https://traffic.focuusing.com/process?afi=28290&ar=20_&campaign=672646&destination=1424697&gclid=5e7e2f4c6... Page URL
- https://offers.generationvip.com/DE/Welcome200/?afi=28290&ar=20_&mmi=71370&par=5016dCKTg0iqnYV1ZZhD7pWFPLT4r2... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
animate.css (Web Frameworks) Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
Crazy Egg
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i
Criteo
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/static.criteo.net\/js\/ld\/ld.js/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
- html /<!-- (?:End )?Google Tag Manager -->/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
URL: https://de.generationvip.com/info/bonus-policy/
Title: Bonusrichtlinien
Title: Bonusrichtlinien
Search URL Search Domain Scan URL
URL: https://de.generationvip.com/info/terms/
Title: Nutzungsbedingungen.
Title: Nutzungsbedingungen.
Search URL Search Domain Scan URL
URL: http://download.gamesrv1.com/Resources/External/bonusterms/tc_eng_EUR.html
Title: Bonusumsatzbedingungen
Title: Bonusumsatzbedingungen
Search URL Search Domain Scan URL
URL: https://de.generationvip.com/info/faq/
Title: FAQ-Bereich.
Title: FAQ-Bereich.
Search URL Search Domain Scan URL
URL: https://de.generationvip.com/info/responsible/
Title: Glücksspiel kann süchtig machen, bitte spielen Sie verantwortungsvoll
Title: Glücksspiel kann süchtig machen, bitte spielen Sie verantwortungsvoll
Search URL Search Domain Scan URL
URL: https://secure.gamblingcommission.gov.uk/gccustomweb/PublicRegister/PRSearch.aspx?ExternalAccountId=39483
Title: Hier
Title: Hier
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://anonymous-net.com/
HTTP 302
https://beta.infopicked.com/aS/feedclick?s=tmxvfbadWlnQGRr_qytWV_RohOIAQNxpExJj-rHjFyofX_SyQNfC5DbqLWcocrtAu-nYe6d-YnsGvLcNuFljMBdtDxKvIR0kfkc4A3jiV6YSp9Dm0A7h07CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cIhZOTVv1UOhMwDBpz0SSNCl-kK7enezE0SY8Qrbg5rGYn8TCs_yBRLJrvTvPP1hl9bXTIu5GIIViwm_JO9fNK83dTHwG9QNks5GgtOaooqEo3J7kMn1Os-osQJD-TYCeRKrhqWEb9-8Q0kGFn13D44x73KNYjACCFLeZHZ-_x1LLRsdU_VQgQSpp7d-MZRZGmY11VQs8cA7AMM4Lqdqip1wAFC5YBQ24eEIXaRC8afOM2j2fq8ZWoRJovjaIR0EeCC0ZOy9vVttQl3wDUUjPhWszhPG9_tB6evLb0x9umbGHE6eP9pSg9dZVbd9TApnURrmxVF-3KEwsIrkyIa8G-ajAram8LWwUpRhE_cSQrBh5qfITp7zEHXbGD5l9Viz1_B7jdoU48V-TrV4DPh-UchiCwhL-P9bweGUWT0hZamYsQ5HCUKJcJwLccHK1qvxNM9qIJGLeoues50GmHBAt6Gnb51tdsyED0gCm1RLk5TV5Y5x7LAmxWxDjCJm-imZvjdnBTT29fPUTnfHdy1wAJzB1fEJEGmZUH1LWA2Hp6AMrLOOSWvtF08ts1VZVgPP4GR4DgVih8OpeCPpyDpAgN2C-NlCeSSr2YNtPA99lL5d2cGdO4qLTjnwCgTL3EznBdsckinvLnT4hlg-DBLXxEbJp-XhhOjNrz4Okc7SrZXjSfM8UYSYa1xfa-wOBvjokJ8WYN5nvW6mMftSPe061Z8w30lOKtBEK_PhKNZ2zFhFdCeXRH45Bbr4qIOmXQ44UvLzKk5W67L9m8uxl0th3CBbQKCYD3xXenw0ydUdXlm5NszLqeB9aWtWMn8W4x9E6QOVQQqtSkW4vy8bIXtj4xSyv_hRibuSK6mvltoFddVNtVqrqTmTZHOxES_hA55dIcx8MzTH5V68h6JQzRQ5l-C5BgKBxQiiuI0mQoN4ifYXBj_41uO9LhVDPhBqmOWhBuB2riDoXBbCgM6T1_iU93aprXbpf83smDzYLFrfcvNx0rh5B8T6VMR1RnB0QGgwLkGLV2W7qQUttCVKSQnetMXKaRcx2lEGj16kZwkP_lEDK_6wHOS0DpwoTzQU837F2G7zUth76PYzYEb5L0i8LC-u2Dli66C-XucADfX2tBPlR3prQOfp40nqto4xzxpaMAbY2ZGoSIRynpcpU-cnakKaPWvUi1EDwNyRRUPN1eP9E9X3AYQsCpAEn3pdnGSoQpswH8ppDHLoYrWNdGMkhf7J04HXftNu8jd4erbF4Nu_dj0A_z1-8CVt9SU2FR4pFminJ5zlQmtYLVaHcodejbvmZ4JNqwvtfxNjTcQOom_iFTCMkECjwUBFT_pzCrMi7ymC1gaQbL4aQup6s8JhMYWbOxpJMhMMvNUrTBluRpZunlHWmX__7QAA_vsWIicAowl00I8zIENwZcAoB2qx-hPQr3niZVAMBaFfkSQEkfHHcZ9zjvo6vUQKLFE7bDahfoVJoofJk1IRoc7kS6orrGF2ub9xwX1wHjHh6fVhK8hwsmstwxOiYcYiSk-7Dch7bSFjNx6Toj9kghgbOnleKyz947GP4TsT26NezqvwtmGKUTpGk9yX0sr4SfHbi0RDkO6wZKqDJygNGW2M-edZHsAkMC_jv43nRsz0NfbWxcTSHYRqIk3x2N-NG2LV3Zkk-PGUDHexmC9pHhmEk6QcQIjPr53omNVhNNjvpVpJyFSTSJx37oXW_lYFXjCHFV7ej5NHsDjzDKSjlyI71uBy5LWMh4ASJedTdbL4vwB0wqCeyQWqc0YHNXzc8FVYbKuUyzmMMKiT1gysBXupBUiDZY83VWciY3KTQhbpUcbGOjBQmQ_ks2WIa0Y HTTP 302
http://beta.infopicked.com/adServe/domainClick?ai=yfpccR7D_kxUfoRaXE2x2LlxgaGGO9s2edF4zpD2_wYEz4zei11PRo-xOhZKvtjGQcN9AScI28DtXMH1QOaDWoRvwHxjYx6lx9s0yxgAq8toOgN9pzNxgo8G9tea7hEzOW0k3VnGFWRArSHvQZleOJYHfZ7DOmEo-GsO9NuO1hbV-eOuBH1BZnPNYpSM45-M-Enx24tEQ5DcmVpJKhyY5BARXVry1fGyXjigC3iyOya_8bsklA_Ej9IZAvFkb2NRynWdIWJFXu77nrmGQPe56s5URNuKyEeU9EElaSF-nDVi5zRxGTYVZp6XKVPnJ2pCmj1r1ItRA8DckUVDzdXj_QPzcZqOl8ueD3YRp9_wtT58zMU0lt9xPpZaYOBYWX8UjQ9mH6USLMQjeRAqbTvnp8JK_x4NP3mON1VnImNyk0IBW3Nb4Gcb8jbqQjGq-HbWOYwwqJPWDKwFe6kFSINljzdVZyJjcpNCUIBEuNZYiNoTY4ndI2KPe330rF-BXkShkApxxA1mhmyJakIV6HHacr7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU06bWQeD1JDHKK7fxoSzco3HsKbYd4jRL3fz-AbClJeve1IAxxj8fbHTslVAj0K0ePsWWACgJwfWzW1p2h3hBQbnXQPnuWlBambEt92mMgVgww&ui=tmxvfbadWlnQGRr_qytWVwcsWc8-Vo_0IaIc3yOo5HKDlVylFt6o5LN8CVfQ82JYYS9YKtzoDFSpwnbutN2z3NT4ueTsW4AuFXM4qk4xm53KWdTWEecsmg&si=1&oref=9f521fb91a2ec32caafe0450421dd87b&rb=LW_v4KVZAgI&rr=0&isco=t HTTP 302
https://mobinner.g2afse.com/click?pid=20&offer_id=780&sub1=79491815549 HTTP 302
https://traffic.focuusing.com/router?code=DBAFUNV&traffic_source=298729&afi=28290&ar=20_&gclid=5e7e2f4c6cce810001bd5cd0&popunder=yes Page URL
- https://traffic.focuusing.com/process?afi=28290&ar=20_&campaign=672646&destination=1424697&gclid=5e7e2f4c6cce810001bd5cd0&popunder=yes&tid=5016dCKTg0iqnYV1ZZhD7pWFPLT4r24&traffic_source=298729&crfn=t15016dCKTg0iqnYV1ZZhD7pWFPLT4r24 Page URL
- https://offers.generationvip.com/DE/Welcome200/?afi=28290&ar=20_&mmi=71370&par=5016dCKTg0iqnYV1ZZhD7pWFPLT4r24&gclid=5e7e2f4c6cce810001bd5cd0&popunder=yes Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://anonymous-net.com/ HTTP 302
- https://beta.infopicked.com/aS/feedclick?s=tmxvfbadWlnQGRr_qytWV_RohOIAQNxpExJj-rHjFyofX_SyQNfC5DbqLWcocrtAu-nYe6d-YnsGvLcNuFljMBdtDxKvIR0kfkc4A3jiV6YSp9Dm0A7h07CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cIhZOTVv1UOhMwDBpz0SSNCl-kK7enezE0SY8Qrbg5rGYn8TCs_yBRLJrvTvPP1hl9bXTIu5GIIViwm_JO9fNK83dTHwG9QNks5GgtOaooqEo3J7kMn1Os-osQJD-TYCeRKrhqWEb9-8Q0kGFn13D44x73KNYjACCFLeZHZ-_x1LLRsdU_VQgQSpp7d-MZRZGmY11VQs8cA7AMM4Lqdqip1wAFC5YBQ24eEIXaRC8afOM2j2fq8ZWoRJovjaIR0EeCC0ZOy9vVttQl3wDUUjPhWszhPG9_tB6evLb0x9umbGHE6eP9pSg9dZVbd9TApnURrmxVF-3KEwsIrkyIa8G-ajAram8LWwUpRhE_cSQrBh5qfITp7zEHXbGD5l9Viz1_B7jdoU48V-TrV4DPh-UchiCwhL-P9bweGUWT0hZamYsQ5HCUKJcJwLccHK1qvxNM9qIJGLeoues50GmHBAt6Gnb51tdsyED0gCm1RLk5TV5Y5x7LAmxWxDjCJm-imZvjdnBTT29fPUTnfHdy1wAJzB1fEJEGmZUH1LWA2Hp6AMrLOOSWvtF08ts1VZVgPP4GR4DgVih8OpeCPpyDpAgN2C-NlCeSSr2YNtPA99lL5d2cGdO4qLTjnwCgTL3EznBdsckinvLnT4hlg-DBLXxEbJp-XhhOjNrz4Okc7SrZXjSfM8UYSYa1xfa-wOBvjokJ8WYN5nvW6mMftSPe061Z8w30lOKtBEK_PhKNZ2zFhFdCeXRH45Bbr4qIOmXQ44UvLzKk5W67L9m8uxl0th3CBbQKCYD3xXenw0ydUdXlm5NszLqeB9aWtWMn8W4x9E6QOVQQqtSkW4vy8bIXtj4xSyv_hRibuSK6mvltoFddVNtVqrqTmTZHOxES_hA55dIcx8MzTH5V68h6JQzRQ5l-C5BgKBxQiiuI0mQoN4ifYXBj_41uO9LhVDPhBqmOWhBuB2riDoXBbCgM6T1_iU93aprXbpf83smDzYLFrfcvNx0rh5B8T6VMR1RnB0QGgwLkGLV2W7qQUttCVKSQnetMXKaRcx2lEGj16kZwkP_lEDK_6wHOS0DpwoTzQU837F2G7zUth76PYzYEb5L0i8LC-u2Dli66C-XucADfX2tBPlR3prQOfp40nqto4xzxpaMAbY2ZGoSIRynpcpU-cnakKaPWvUi1EDwNyRRUPN1eP9E9X3AYQsCpAEn3pdnGSoQpswH8ppDHLoYrWNdGMkhf7J04HXftNu8jd4erbF4Nu_dj0A_z1-8CVt9SU2FR4pFminJ5zlQmtYLVaHcodejbvmZ4JNqwvtfxNjTcQOom_iFTCMkECjwUBFT_pzCrMi7ymC1gaQbL4aQup6s8JhMYWbOxpJMhMMvNUrTBluRpZunlHWmX__7QAA_vsWIicAowl00I8zIENwZcAoB2qx-hPQr3niZVAMBaFfkSQEkfHHcZ9zjvo6vUQKLFE7bDahfoVJoofJk1IRoc7kS6orrGF2ub9xwX1wHjHh6fVhK8hwsmstwxOiYcYiSk-7Dch7bSFjNx6Toj9kghgbOnleKyz947GP4TsT26NezqvwtmGKUTpGk9yX0sr4SfHbi0RDkO6wZKqDJygNGW2M-edZHsAkMC_jv43nRsz0NfbWxcTSHYRqIk3x2N-NG2LV3Zkk-PGUDHexmC9pHhmEk6QcQIjPr53omNVhNNjvpVpJyFSTSJx37oXW_lYFXjCHFV7ej5NHsDjzDKSjlyI71uBy5LWMh4ASJedTdbL4vwB0wqCeyQWqc0YHNXzc8FVYbKuUyzmMMKiT1gysBXupBUiDZY83VWciY3KTQhbpUcbGOjBQmQ_ks2WIa0Y HTTP 302
- http://beta.infopicked.com/adServe/domainClick?ai=yfpccR7D_kxUfoRaXE2x2LlxgaGGO9s2edF4zpD2_wYEz4zei11PRo-xOhZKvtjGQcN9AScI28DtXMH1QOaDWoRvwHxjYx6lx9s0yxgAq8toOgN9pzNxgo8G9tea7hEzOW0k3VnGFWRArSHvQZleOJYHfZ7DOmEo-GsO9NuO1hbV-eOuBH1BZnPNYpSM45-M-Enx24tEQ5DcmVpJKhyY5BARXVry1fGyXjigC3iyOya_8bsklA_Ej9IZAvFkb2NRynWdIWJFXu77nrmGQPe56s5URNuKyEeU9EElaSF-nDVi5zRxGTYVZp6XKVPnJ2pCmj1r1ItRA8DckUVDzdXj_QPzcZqOl8ueD3YRp9_wtT58zMU0lt9xPpZaYOBYWX8UjQ9mH6USLMQjeRAqbTvnp8JK_x4NP3mON1VnImNyk0IBW3Nb4Gcb8jbqQjGq-HbWOYwwqJPWDKwFe6kFSINljzdVZyJjcpNCUIBEuNZYiNoTY4ndI2KPe330rF-BXkShkApxxA1mhmyJakIV6HHacr7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU06bWQeD1JDHKK7fxoSzco3HsKbYd4jRL3fz-AbClJeve1IAxxj8fbHTslVAj0K0ePsWWACgJwfWzW1p2h3hBQbnXQPnuWlBambEt92mMgVgww&ui=tmxvfbadWlnQGRr_qytWVwcsWc8-Vo_0IaIc3yOo5HKDlVylFt6o5LN8CVfQ82JYYS9YKtzoDFSpwnbutN2z3NT4ueTsW4AuFXM4qk4xm53KWdTWEecsmg&si=1&oref=9f521fb91a2ec32caafe0450421dd87b&rb=LW_v4KVZAgI&rr=0&isco=t HTTP 302
- https://mobinner.g2afse.com/click?pid=20&offer_id=780&sub1=79491815549 HTTP 302
- https://traffic.focuusing.com/router?code=DBAFUNV&traffic_source=298729&afi=28290&ar=20_&gclid=5e7e2f4c6cce810001bd5cd0&popunder=yes
37 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
 Cookie set
router
traffic.focuusing.com/ Redirect Chain
|
299 B 781 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
process
traffic.focuusing.com/ |
222 B 700 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
offers.generationvip.com/DE/Welcome200/ |
23 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
13 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css_default.css
download.gamesrv1.com/Resources/LandingPages/CSS/ |
39 B 342 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ |
115 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
template-responsive-bg.css
download.gamesrv1.com/Resources/LandingPages/CSS/ |
0 84 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
animate.min.css
download.gamesrv1.com/Resources/LandingPages/JS/animate.css-master/ |
17 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ |
82 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
openlobby.js
fnc.aspireglobal.com/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer_de.png
download.gamesrv1.com/Resources/LandingPages/Footers/dark/ |
32 KB 32 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer_mob_de.png
download.gamesrv1.com/Resources/LandingPages/Footers/mobiledark/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
score.min.js
js.ad-score.com/ |
281 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
imageMapResizer.min.js
download.gamesrv1.com/Resources/LandingPages/JS/image-map-resizer-master/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
XS7ZD-X747A-FXTVA-RRACK-HEWYK
s.go-mpulse.net/boomerang/ Frame D35F |
202 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
92 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
visit.aspx
info.generationvip.com/ Frame 9A2A |
271 B 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Welcome200_bg_1576504818_bg_ger_eur.jpg
download.gamesrv1.com/Resources/LandingPages/Kits/DE/ |
248 KB 248 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
cors
data.ad-score.com/data/ |
42 B 597 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
f4d2a972-df2c-4d80-8f4d-090894781a22
https://offers.generationvip.com/ |
720 B 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
68 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
cors
data.ad-score.com/data/ |
1 B 280 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
35 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2220.js
dnn506yrbagrg.cloudfront.net/pages/scripts/0026/ |
309 B 821 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
44 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ld.js
static.criteo.net/js/ld/ |
29 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adoric.js
61676801.adoric-om.com/ |
118 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
config.json
c.go-mpulse.net/api/ Frame D35F |
566 B 839 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2220.js
script.crazyegg.com/pages/scripts/0026/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
event
sslwidget.criteo.com/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
adoric.v2.min.css
s3.amazonaws.com/adoric-static/ |
162 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
app.adoric-om.com/v1/campaigns/ |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
goals
app.adoric-om.com/v1/analytics/ |
36 B 565 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cors
data.ad-score.com/data/ |
0 498 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dis.aspx
widget.eu.criteo.com/dis/ Frame 54BF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
684dd30a.akstat.io/ |
0 208 B |
Other
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
cors
data.ad-score.com/data/ |
1 B 280 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
cors
data.ad-score.com/data/ |
1 B 280 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
cors
data.ad-score.com/data/ |
1 B 280 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
56 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery boolean| lobby_fixed function| initiate function| init function| open_lobby function| get_brand_data function| parseURL function| get_lng function| get_lng_2digits function| set_global_vars function| getURLParam function| getPARAM function| getAFI function| getCookieNew function| onWhtmlPopupOpen function| fireGAevent function| addWelcomeBanner function| $ILobby function| open_lobby_local function| showUKRegulationText function| LoadGamePlatform string| BOOMR_API_key object| BOOMR number| BOOMR_lstart object| dataLayer object| __pm_glbl object| __pm_glbl_C77RT1av2BGumingW9Qqs2ze object| __pm_ads_list string| AdScoreObject function| adScore function| imageMapResize object| google_tag_manager object| BOOMR_mq string| GoogleAnalyticsObject function| ga object| criteo_q object| adoric object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| _extends function| _slicedToArray function| _typeof function| _createClass function| _toConsumableArray function| _classCallCheck object| __adoric__ object| _localStorage boolean| IS_ADORIC_LOADED number| BOOMR_configt string| images_dir number| BOOMR_onload29 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .info.generationvip.com/ | Name: LanguageCode Value: GER |
|
| .generationvip.com/ | Name: RT Value: "z=1&dm=generationvip.com&si=6f9b2606-7e09-46bb-8d64-df7b23b63fe3&ss=k8afbugb&sl=1&tt=143&bcn=%2F%2F684dd30a.akstat.io%2F&ld=144" |
|
| .generationvip.com/ | Name: PlayerAlternateReference Value: 5016dCKTg0iqnYV1ZZhD7pWFPLT4r24 |
|
| .generationvip.com/ | Name: MarketingMaterialID Value: 71370 |
|
| .info.generationvip.com/ | Name: CSITemp Value: 264 |
|
| .info.generationvip.com/ | Name: BO Value: |
|
| .generationvip.com/ | Name: AB Value: B |
|
| .generationvip.com/ | Name: UniqueVisitorID Value: 02F96A497199FDC491498D4E55D2F556 |
|
| .generationvip.com/ | Name: GameVerticalID Value: 246 |
|
| .generationvip.com/ | Name: _gac_UA-144134789-1 Value: 1.1585327950.5e7e2f4c6cce810001bd5cd0 |
|
| .generationvip.com/ | Name: gclid Value: 5e7e2f4c6cce810001bd5cd0 |
|
| .info.generationvip.com/ | Name: CountryCode Value: GB |
|
| .generationvip.com/ | Name: lastvisit Value: 2020-03-27 |
|
| .info.generationvip.com/ | Name: CSI_264 Value: EncryptedUniqueVisitorID=02F96A497199FDC491498D4E55D2F556&AffiliateID=28290&MarketingMaterialID=71370&LastUpdate=2020-03-27&AlternateReference=20_&PlayerAlternateReference=5016dCKTg0iqnYV1ZZhD7pWFPLT4r24&gclid=5e7e2f4c6cce810001bd5cd0&LandingPageReference=Welcome200_DE&GameVerticalID=246 |
|
| .generationvip.com/ | Name: popunder Value: yes |
|
| .generationvip.com/ | Name: par Value: 5016dCKTg0iqnYV1ZZhD7pWFPLT4r24 |
|
| .generationvip.com/ | Name: mmi Value: 71370 |
|
| .info.generationvip.com/ | Name: RegistrationMode Value: M |
|
| info.generationvip.com/ | Name: ASP.NET_SessionId Value: m23my2hbnixzvs1wwubuxzg5 |
|
| .generationvip.com/ | Name: AffiliateID Value: 28290 |
|
| .generationvip.com/ | Name: _gid Value: GA1.2.1390966417.1585327950 |
|
| .generationvip.com/ | Name: _ga Value: GA1.2.99049270.1585327950 |
|
| .generationvip.com/ | Name: ar Value: 20_ |
|
| .generationvip.com/ | Name: visits Value: 1 |
|
| .generationvip.com/ | Name: afi Value: 28290 |
|
| offers.generationvip.com/DE/Welcome200 | Name: adoric_uniq_day_id Value: 5e7e2f4ee4a86a0017fe16b0 |
|
| offers.generationvip.com/DE/Welcome200 | Name: adoric_user Value: 1 |
|
| .generationvip.com/ | Name: AlternateReference Value: 20_ |
|
| offers.generationvip.com/DE/Welcome200 | Name: adoric_goals Value: %5B%225b7ae536974042b600497844%22%5D |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
61676801.adoric-om.com
684dd30a.akstat.io
ajax.googleapis.com
anonymous-net.com
app.adoric-om.com
beta.infopicked.com
c.go-mpulse.net
data.ad-score.com
dnn506yrbagrg.cloudfront.net
download.gamesrv1.com
fnc.aspireglobal.com
fonts.googleapis.com
info.generationvip.com
js.ad-score.com
maxcdn.bootstrapcdn.com
mobinner.g2afse.com
offers.generationvip.com
s.go-mpulse.net
s3.amazonaws.com
script.crazyegg.com
sslwidget.criteo.com
static.criteo.net
traffic.focuusing.com
widget.eu.criteo.com
www.google-analytics.com
www.googletagmanager.com
13.35.193.84
130.211.115.4
143.204.179.106
173.192.101.24
178.250.0.163
178.250.2.151
2.20.132.146
2001:4de0:ac19::1:b:1b
212.32.249.98
2600:1901:0:fcac::
2606:4700::6813:9308
2a00:1450:4001:808::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:817::200e
2a00:1450:4001:81d::2008
2a02:2638::3
2a02:26f0:6c00:18b::11a6
2a02:26f0:6c00:192::11a6
35.174.117.232
52.210.34.44
52.216.228.43
72.52.179.175
93.184.221.168
95.129.34.40
010074794983d5e1acb8b034057a8ab3684a7d7c339315a6f7eb5891d2734474
0add8fcb5a583b1c16238fbe9d0de17c6272726b42be17fdcd9b4686ef5287d1
10d62f60330047bd47c9925ac23519a8e2130cd33d27a60fd0227ffba0b3383a
38dd743c3b08bc595b344315b84df702bd8ce2ed469f976d6a56c603c81e9827
4176770680556946abf1781e9feb7066f53d6fe2d271bb4a18c5d6b33864a903
51250867b18d1a5e5576c9759d58098cc2cfe9230e7bd5951c31326685334e31
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7c5a5239885587b2864179ba1a31d88b060176d96942f06acd5809488773ee6b
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8ab3ae2e593e994f776fdca1ce479700dbae6d4f0b924d6f184b2e9f47fea46e
95a2af3cac77a7da823a03a2d39283ab317eb289fd1866d4345a70d8ca9558db
98a8e4de5b29c476f9f6d6585cfb0d750e16bc8653f6c2104ade25d30460b227
9fb974b84a129972abbd1e2e5cfdf685cab5f6f22d881adf3845bc73b43eb4ad
a08244848f3f61203316ebc6a5e72126b2ad01960dcc2d6ba30a92cf4d5487ad
a558c5f97cfe4d1638fc6264b62446a7752934810111e31846a4cbc667df01c6
aa74b2149dc3730c55a8c8799eba84d83ed1cb70f37fa04b5f1e5680923823e2
b6f5a828991d2d86272ee0d2d8e3182bb04a5ef7d86da7923b7a1313699a04ce
c88ffd64925bf7fa5aded4c49863dbe1699d6cca9caa9d2b04b88e163ceec06d
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d4fb6cdbb280b5e772dea3a82bd4eb71053a4d2b8e6bca9f814e4a54e43c6a25
d8adb66d4d9cf55f48a04ea3a0b64305912c46918025d732d9c62aa1f8beb240
e1249c069aea8a6165d5622cf549b78519801fbe37121dc2673f728fb50fcad4
e360468ae0b74d10c728f793857ac8dbf066ca8091e36bac2e01cb06c809ed18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f377cfb6ca3e9614374243bc65f017c6025a46b172540699e4822c8a05143a8a
fb7e82e38f222cf3a530ed8ebe4ebafb65e7e14ca135cf9bd8eb33f843f3a86d